From 721831204365b0d5471a9f9c655de882289a8786 Mon Sep 17 00:00:00 2001
From: smaguin <smaguin@localhost>
Date: Fri, 03 Aug 2007 08:39:19 +0000
Subject: [PATCH]
---
opendj-sdk/opends/tests/functional-tests/shared/functions/security.xml | 830 +++++++++++++++++++++++++++++++++++++++++-----------------
1 files changed, 587 insertions(+), 243 deletions(-)
diff --git a/opendj-sdk/opends/tests/functional-tests/shared/functions/security.xml b/opendj-sdk/opends/tests/functional-tests/shared/functions/security.xml
index 28fa986..d343e87 100755
--- a/opendj-sdk/opends/tests/functional-tests/shared/functions/security.xml
+++ b/opendj-sdk/opends/tests/functional-tests/shared/functions/security.xml
@@ -432,7 +432,11 @@
</function>
-<!-- Configure SSL -->
+<!-- ################################################## -->
+<!-- configure SSL -->
+<!-- ################################################## -->
+
+
<function name="configureSSL">
<function-prolog>
This function makes the configuration changes for SSL
@@ -466,6 +470,11 @@
<function-arg-description>
Bind DN
</function-arg-description>
+ </function-arg-def>
+ <function-arg-def name="certAlias" type="optional" default="'server-cert'">
+ <function-arg-description>
+ Alias certificate
+ </function-arg-description>
<function-arg-property name="type" value="DN"/>
</function-arg-def>
<function-arg-def name="dsInstancePswd" type="optional">
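Review bot: The new `certAlias` definition is inserted in the middle of the `dsInstanceDn` definition, between its description and its type property. After the patch `dsInstanceDn` closes without a type, and `certAlias` inherits `<function-arg-property name="type" value="DN"/>`, which is wrong for a certificate alias. I would move the added block below the existing `</function-arg-def>` and give it its own `<function-arg-property name="type" value="string"/>`. The `certAlias` definitions added to configureTLS and configureSSL_TLS later in this patch carry no type property at all, so the three copies disagree.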
@@ -474,12 +483,18 @@
</function-arg-description>
<function-arg-property name="type" value="string"/>
</function-arg-def>
- <function-arg-def name="keystoreType" type="required">
- <function-arg-description>
- Keystore type
- </function-arg-description>
- <function-arg-property name="type" value="string"/>
- </function-arg-def>
+ <function-arg-def name="keystoreType" type="optional" default="'JKS'">
+ <function-arg-description>
+ Keystore type : JKS or PKCS12
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+ <function-arg-def name="keystorePin" type="optional" default="'servercert'">
+ <function-arg-description>
+ Keystore pin
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
<function-arg-def name="extraParams" type="optional">
<function-arg-description>
Optional extra parameters for specific test cases
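Review bot: `keystorePin` defaults to the literal `'servercert'`, and the bodies later in this patch pass it as `--set key-store-pin:%s` right after `--reset key-store-pin-file`, so the pin moves from a file reference to a clear-text value. That value presumably ends up in the server configuration and in whatever the `dsconfig` helper logs; the helper is not visible here. That is acceptable for a test fixture, but the description should say so, for example `Keystore pin (test fixture value; stored in clear in the server configuration, replaces key-store-pin-file)`. The same argument is added to configureTLS and configureSSL_TLS with the same default.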
@@ -488,91 +503,84 @@
</function-arg-def>
</function-map-args>
<sequence>
-
- <!-- Local variables -->
- <script>
- mylocation=location
- myhost=dsInstanceHost
- myport=dsInstancePort
- mydn=dsInstanceDn
- mypswd=dsInstancePswd
- </script>
-
- <!--- Enable Key Manager Provider -->
+
+ <!--- configure Key Manager Provider -->
<message>
- 'Enabling Key Manager Provider'
- </message>
- <call function="'modifyEntry'">
- { 'location' : mylocation ,
- 'dsInstanceHost' : myhost ,
- 'dsInstancePort' : myport ,
- 'dsInstanceDn' : mydn ,
- 'dsInstancePswd' : mypswd ,
- 'entryToBeModified' : '%s/security/%s/setup/enable_key_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }
- </call>
- <call function="'checktestRC'">
- { 'returncode' : RC ,
- 'result' : STAXResult }
- </call>
-
- <!--- Enable Trust Manager Provider -->
- <message>
- 'Enabling Trust Manager Provider'
+ 'Configure Key Manager Provider'
</message>
- <call function="'modifyEntry'">
- { 'location' : mylocation ,
- 'dsInstanceHost' : myhost ,
- 'dsInstancePort' : myport ,
- 'dsInstanceDn' : mydn ,
- 'dsInstancePswd' : mypswd ,
- 'entryToBeModified' : '%s/security/%s/setup/enable_trust_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }
- </call>
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-key-manager-prop' ,
+ 'propertyName' : 'manager-name' ,
+ 'propertyValue' : keystoreType,
+ 'optionsString' : '--set key-store-file:config/keystore --reset key-store-pin-file --set key-store-pin:%s --set enabled:true' % keystorePin,
+ 'expectedRC' : 0 }
+ </call>
+
+ <!--- configure Trust Manager Provider -->
+ <message>
+ 'Configure Trust Manager Provider'
+ </message>
- <call function="'checktestRC'">
- { 'returncode' : RC ,
- 'result' : STAXResult }
- </call>
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-trust-manager-prop' ,
+ 'propertyName' : 'manager-name' ,
+ 'propertyValue' : 'Blind Trust',
+ 'optionsString' : '--set enabled:true' ,
+ 'expectedRC' : 0 }
+ </call>
+
<!--- Enable LDAPS Connection Handler -->
<message>
'Enabling LDAPS Connection Handler - Keystore type'
</message>
-
- <call function="'modifyEntry'">
- { 'location' : mylocation ,
- 'dsInstanceHost' : myhost ,
- 'dsInstancePort' : myport ,
- 'dsInstanceDn' : mydn ,
- 'dsInstancePswd' : mypswd ,
- 'entryToBeModified' : '%s/security/%s/setup/enable_ldaps_conn_handler.ldif' % (logsRemoteDataDir,keystoreType) }
- </call>
-
- <call function="'checktestRC'">
- { 'returncode' : RC ,
- 'result' : STAXResult }
- </call>
-
- <message>
- 'Enabling LDAPS Connection Handler - Port number'
- </message>
-
- <call function="'modifyEntry'">
- { 'location' : mylocation ,
- 'dsInstanceHost' : myhost ,
- 'dsInstancePort' : myport ,
- 'dsInstanceDn' : mydn ,
- 'dsInstancePswd' : mypswd ,
- 'entryToBeModified' : '%s/security/ldaps_port.ldif' % (logsRemoteDataDir) }
- </call>
-
- <call function="'checktestRC'">
- { 'returncode' : RC ,
- 'result' : STAXResult }
- </call>
+
+ <script>
+ option1='--set ssl-cert-nickname:%s' % certAlias
+ option2='--set trust-manager-provider-dn:"cn=Blind Trust,cn=Trust Manager Providers,cn=config"'
+ option3='--set key-manager-provider-dn:"cn=%s,cn=Key Manager Providers,cn=config"' % (keystoreType)
+ option4='--set listen-port:%s' % DIRECTORY_INSTANCE_SSL_PORT
+ option5='--set enabled:true'
+ optionsString='%s %s %s %s %s' % (option1,option2,option3,option4,option5)
+ </script>
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-connection-handler-prop' ,
+ 'propertyName' : 'handler-name' ,
+ 'propertyValue' : 'LDAPS Connection Handler',
+ 'optionsString' : optionsString,
+ 'expectedRC' : 0 }
+ </call>
+
+
</sequence>
</function>
+<!-- ################################################## -->
+<!-- configureTLS -->
+<!-- ################################################## -->
+
<function name="configureTLS">
<function-prolog>
This function makes the configuration changes for startTLS
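Review bot: The trust manager is enabled under the fixed name `'Blind Trust'` in the `set-trust-manager-prop` call and again in `option2`. That provider accepts whatever certificate a peer presents, so nothing set up through configureSSL can exercise certificate validation. This is reasonable for a functional-test helper, but I would state it in the function-prolog, e.g. `Uses the Blind Trust manager: peer certificates are not validated. Test use only.` Separately, `certAlias`, `keystorePin` and `keystoreType` are interpolated into the options string unquoted, so a value containing a space would presumably be split into extra dsconfig arguments; the DN options already use double quotes, and the same would work here, e.g. `'--set ssl-cert-nickname:"%s"' % certAlias`. Both patterns recur in the configureTLS and configureSSL_TLS bodies in the next hunks, and this hunk ends inside configureTLS's prolog.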
@@ -614,12 +622,23 @@
</function-arg-description>
<function-arg-property name="type" value="string"/>
</function-arg-def>
- <function-arg-def name="keystoreType" type="required">
+ <function-arg-def name="keystorePin" type="optional" default="'servercert'">
+ <function-arg-description>
+ Keystore pin
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+ <function-arg-def name="certAlias" type="optional" default="'server-cert'">
<function-arg-description>
- Keystore type
+ Alias certificate
</function-arg-description>
- <function-arg-property name="type" value="string"/>
- </function-arg-def>
+ </function-arg-def>
+ <function-arg-def name="keystoreType" type="optional" default="'JKS'">
+ <function-arg-description>
+ Keystore type : JKS or PKCS12
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
<function-arg-def name="extraParams" type="optional">
<function-arg-description>
Optional extra parameters for specific test cases
@@ -629,71 +648,257 @@
</function-map-args>
<sequence>
- <!-- Local variables -->
- <script>
- mylocation=location
- myhost=dsInstanceHost
- myport=dsInstancePort
- mydn=dsInstanceDn
- mypswd=dsInstancePswd
- </script>
-
- <!--- Enable Key Manager Provider -->
- <call function="'modifyEntry'">
- { 'location' : mylocation ,
- 'dsInstanceHost' : myhost ,
- 'dsInstancePort' : myport ,
- 'dsInstanceDn' : mydn ,
- 'dsInstancePswd' : mypswd ,
- 'entryToBeModified' : '%s/security/%s/setup/enable_key_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }
- </call>
- <call function="'checktestRC'">
- { 'returncode' : RC ,
- 'result' : STAXResult }
- </call>
-
- <!--- Enable Trust Manager Provider -->
+
+ <!--- configure Key Manager Provider -->
<message>
- 'Enabling Trust Manager Provider'
+ 'Configure Key Manager Provider'
</message>
- <call function="'modifyEntry'">
- { 'location' : mylocation ,
- 'dsInstanceHost' : myhost ,
- 'dsInstancePort' : myport ,
- 'dsInstanceDn' : mydn ,
- 'dsInstancePswd' : mypswd ,
- 'entryToBeModified' : '%s/security/%s/setup/enable_trust_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }
- </call>
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-key-manager-prop' ,
+ 'propertyName' : 'manager-name' ,
+ 'propertyValue' : keystoreType,
+ 'optionsString' : '--set key-store-file:config/keystore --reset key-store-pin-file --set key-store-pin:%s --set enabled:true' % keystorePin,
+ 'expectedRC' : 0 }
+ </call>
+
+ <!--- configure Trust Manager Provider -->
+ <message>
+ 'Configure Trust Manager Provider'
+ </message>
- <call function="'checktestRC'">
- { 'returncode' : RC ,
- 'result' : STAXResult }
- </call>
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-trust-manager-prop' ,
+ 'propertyName' : 'manager-name' ,
+ 'propertyValue' : 'Blind Trust',
+ 'optionsString' : '--set enabled:true' ,
+ 'expectedRC' : 0 }
+ </call>
<!--- Enable StartTLS -->
<message>
'Enabling StartTLS'
</message>
- <call function="'addEntry'">
- { 'location' : mylocation ,
- 'dsInstanceHost' : myhost ,
- 'dsInstancePort' : myport ,
- 'dsInstanceDn' : mydn ,
- 'dsInstancePswd' : mypswd ,
- 'entryToBeAdded' : '%s/security/%s/setup/enable_startTLS.ldif' % (logsRemoteDataDir,keystoreType) }
- </call>
-
- <call function="'checktestRC'">
- { 'returncode' : RC ,
- 'result' : STAXResult }
- </call>
+ <script>
+ option1='--set ssl-cert-nickname:%s' % certAlias
+ option2='--set trust-manager-provider-dn:"cn=Blind Trust,cn=Trust Manager Providers,cn=config" '
+ option3='--set key-manager-provider-dn:"cn=%s,cn=Key Manager Providers,cn=config"' % (keystoreType)
+ option4='--set allow-start-tls:true'
+ optionsString='%s %s %s %s' % (option1,option2,option3,option4)
+ </script>
+
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-connection-handler-prop' ,
+ 'propertyName' : 'handler-name' ,
+ 'propertyValue' : 'LDAP Connection Handler',
+ 'optionsString' : optionsString,
+ 'expectedRC' : 0 }
+ </call>
+
+
</sequence>
</function>
+
+<!-- ################################################## -->
+<!-- configure SSL and TLS -->
+<!-- ################################################## -->
+
+
+ <function name="configureSSL_TLS">
+ <function-prolog>
+ This function makes the configuration changes for SSL and TLS
+ </function-prolog>
+ <function-map-args>
+ <function-arg-def name="location" type="optional" default="'%s' % STAF_REMOTE_HOSTNAME">
+ <function-arg-description>
+ Location of target host
+ </function-arg-description>
+ <function-arg-property name="type" value="hostname"/>
+ </function-arg-def>
+ <function-arg-def name="dsPath" type="optional" default="'%s/%s' % (DIRECTORY_INSTANCE_DIR,OPENDSNAME)">
+ <function-arg-description>
+ Pathname to installation root
+ </function-arg-description>
+ <function-arg-property name="type" value="filepath"/>
+ </function-arg-def>
+ <function-arg-def name="dsInstanceHost" type="optional">
+ <function-arg-description>
+ Directory server hostname or IP address
+ </function-arg-description>
+ <function-arg-property name="type" value="hostname"/>
+ </function-arg-def>
+ <function-arg-def name="dsInstancePort" type="optional">
+ <function-arg-description>
+ Directory server port number
+ </function-arg-description>
+ <function-arg-property name="type" value="Port number"/>
+ </function-arg-def>
+ <function-arg-def name="dsInstanceDn" type="optional">
+ <function-arg-description>
+ Bind DN
+ </function-arg-description>
+ <function-arg-property name="type" value="DN"/>
+ </function-arg-def>
+ <function-arg-def name="dsInstancePswd" type="optional">
+ <function-arg-description>
+ Bind password
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+ <function-arg-def name="keystoreType" type="optional" default="'JKS'">
+ <function-arg-description>
+ Keystore type : JKS or PKCS12
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+ <function-arg-def name="certAlias" type="optional" default="'server-cert'">
+ <function-arg-description>
+ Alias certificate
+ </function-arg-description>
+ </function-arg-def>
+ <function-arg-def name="keystorePin" type="optional" default="'servercert'">
+ <function-arg-description>
+ Keystore pin
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+ <function-arg-def name="extraParams" type="optional">
+ <function-arg-description>
+ Optional extra parameters for specific test cases
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+ </function-map-args>
+ <sequence>
+
+
+ <!--- configure Key Manager Provider -->
+ <message>
+ 'Configure Key Manager Provider'
+ </message>
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-key-manager-prop' ,
+ 'propertyName' : 'manager-name' ,
+ 'propertyValue' : keystoreType,
+ 'optionsString' : '--set key-store-file:config/keystore --reset key-store-pin-file --set key-store-pin:%s --set enabled:true' % keystorePin,
+ 'expectedRC' : 0 }
+ </call>
+
+ <!--- configure Trust Manager Provider -->
+ <message>
+ 'Configure Trust Manager Provider'
+ </message>
+
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-trust-manager-prop' ,
+ 'propertyName' : 'manager-name' ,
+ 'propertyValue' : 'Blind Trust',
+ 'optionsString' : '--set enabled:true' ,
+ 'expectedRC' : 0 }
+ </call>
+
+
+ <!--- Enable LDAPS Connection Handler -->
+ <message>
+ 'Enabling LDAPS Connection Handler - Keystore type'
+ </message>
+
+ <script>
+ option1='--set ssl-cert-nickname:%s' % certAlias
+ option2='--set trust-manager-provider-dn:"cn=Blind Trust,cn=Trust Manager Providers,cn=config"'
+ option3='--set key-manager-provider-dn:"cn=%s,cn=Key Manager Providers,cn=config"' % (keystoreType)
+ option4='--set listen-port:%s' % DIRECTORY_INSTANCE_SSL_PORT
+ option5='--set enabled:true'
+ optionsString='%s %s %s %s %s' % (option1,option2,option3,option4,option5)
+ </script>
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-connection-handler-prop' ,
+ 'propertyName' : 'handler-name' ,
+ 'propertyValue' : 'LDAPS Connection Handler',
+ 'optionsString' : optionsString,
+ 'expectedRC' : 0 }
+ </call>
+
+ <!--- Enable StartTLS -->
+ <message>
+ 'Enabling StartTLS'
+ </message>
+
+ <script>
+ option1='--set ssl-cert-nickname:%s' % certAlias
+ option2='--set trust-manager-provider-dn:"cn=Blind Trust,cn=Trust Manager Providers,cn=config" '
+ option3='--set key-manager-provider-dn:"cn=%s,cn=Key Manager Providers,cn=config"' % (keystoreType)
+ option4='--set allow-start-tls:true'
+ optionsString='%s %s %s %s' % (option1,option2,option3,option4)
+ </script>
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-connection-handler-prop' ,
+ 'propertyName' : 'handler-name' ,
+ 'propertyValue' : 'LDAP Connection Handler',
+ 'optionsString' : optionsString,
+ 'expectedRC' : 0 }
+ </call>
+
+ </sequence>
+ </function>
+
+
+<!-- ################################################## -->
<!-- Unconfigure SSL -->
+<!-- ################################################## -->
+
<function name="unconfigureSSL">
<function-prolog>
This function reverses the configuration changes for SSL
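Review bot: configureSSL_TLS repeats the key-manager and trust-manager calls of configureSSL and configureTLS line for line, so the pin handling, the keystore path and the trust-manager name now live in three places. A later change to any of them, such as a different trust manager or a pin file instead of an inline pin, has to be made consistently in all three. I would move the two provider calls into one shared function and call it from each configure function; the helper name below is only a suggestion. The enclosing file continues outside the hunk, so where the helper is defined is left open.

```xml
<!-- … unchanged: function-map-args of configureSSL_TLS … -->
<sequence>
  <!-- Key and trust manager setup, shared with configureSSL and configureTLS -->
  <call function="'configureSecurityProviders'">
    { 'location'       : location ,
      'dsPath'         : dsPath ,
      'dsInstanceHost' : dsInstanceHost ,
      'dsInstancePort' : dsInstancePort ,
      'dsInstanceDn'   : dsInstanceDn ,
      'dsInstancePswd' : dsInstancePswd ,
      'keystoreType'   : keystoreType ,
      'keystorePin'    : keystorePin }
  </call>
  <!-- … unchanged: LDAPS connection handler and StartTLS steps … -->
```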
@@ -735,12 +940,12 @@
</function-arg-description>
<function-arg-property name="type" value="string"/>
</function-arg-def>
- <function-arg-def name="keystoreType" type="required">
- <function-arg-description>
- Keystore type
- </function-arg-description>
- <function-arg-property name="type" value="string"/>
- </function-arg-def>
+ <function-arg-def name="keystoreType" type="optional" default="'JKS'">
+ <function-arg-description>
+ Keystore type : JKS or PKCS12
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
<function-arg-def name="extraParams" type="optional">
<function-arg-description>
Optional extra parameters for specific test cases
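Review bot: Making `keystoreType` optional with default `'JKS'` in the teardown means a caller who configured with `PKCS12` and omits the argument here will disable the JKS key manager instead. The PKCS12 provider then stays enabled, and the call can still return 0. The description should tie the two together, e.g. `Keystore type : JKS or PKCS12 (must match the value given to configureSSL)`. The same default is added to unconfigureTLS in a later hunk and to the new unconfigureSSL_TLS.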
@@ -749,74 +954,75 @@
</function-arg-def>
</function-map-args>
<sequence>
- <!-- Local variables -->
- <script>
- mylocation=location
- myhost=dsInstanceHost
- myport=dsInstancePort
- mydn=dsInstanceDn
- mypswd=dsInstancePswd
- </script>
+
+
<!--- Disable LDAPS Connection Handler -->
<message>
'Disabling LDAPS Connection Handler'
</message>
- <call function="'modifyEntry'">
- { 'location' : mylocation ,
- 'dsInstanceHost' : myhost ,
- 'dsInstancePort' : myport ,
- 'dsInstanceDn' : mydn ,
- 'dsInstancePswd' : mypswd ,
- 'entryToBeModified' : '%s/security/%s/teardown/disable_ldaps_conn_handler.ldif' % (logsRemoteDataDir,keystoreType) }
- </call>
-
- <call function="'checktestRC'">
- { 'returncode' : RC ,
- 'result' : STAXResult }
- </call>
-
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-connection-handler-prop' ,
+ 'propertyName' : 'handler-name' ,
+ 'propertyValue' : 'LDAPS Connection Handler',
+ 'optionsString' : '--set enabled:false',
+ 'expectedRC' : 0 }
+ </call>
+
<!--- Disable SSL Trust Manager Provider -->
<message>
'Disabling SSL Trust Manager Provider'
</message>
- <call function="'modifyEntry'">
- { 'location' : mylocation ,
- 'dsInstanceHost' : myhost ,
- 'dsInstancePort' : myport ,
- 'dsInstanceDn' : mydn ,
- 'dsInstancePswd' : mypswd ,
- 'entryToBeModified' : '%s/security/%s/teardown/disable_trust_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }
- </call>
- <call function="'checktestRC'">
- { 'returncode' : RC ,
- 'result' : STAXResult }
- </call>
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-trust-manager-prop' ,
+ 'propertyName' : 'manager-name' ,
+ 'propertyValue' : 'Blind Trust',
+ 'optionsString' : '--set enabled:false' ,
+ 'expectedRC' : 0 }
+ </call>
+
<!--- Disable Key Manager Provider -->
<message>
'Disabling Key Manager Provider'
</message>
- <call function="'modifyEntry'">
- { 'location' : mylocation ,
- 'dsInstanceHost' : myhost ,
- 'dsInstancePort' : myport ,
- 'dsInstanceDn' : mydn ,
- 'dsInstancePswd' : mypswd ,
- 'entryToBeModified' : '%s/security/%s/teardown/disable_key_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }
- </call>
-
- <call function="'checktestRC'">
- { 'returncode' : RC ,
- 'result' : STAXResult }
- </call>
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-key-manager-prop' ,
+ 'propertyName' : 'manager-name' ,
+ 'propertyValue' : keystoreType,
+ 'optionsString' : '--set enabled:false',
+ 'expectedRC' : 0 }
+ </call>
+
</sequence>
</function>
-
+
+<!-- ################################################## -->
+<!-- unconfigureTLS -->
+<!-- ################################################## -->
+
<function name="unconfigureTLS">
<function-prolog>
This function reverses the configuration changes for startTLS
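Review bot: The key-manager teardown only sets `enabled:false`, so the `key-store-pin` value written by configureSSL stays in the provider entry and `key-store-pin-file` stays reset. The server is therefore not returned to its pre-test state, and the clear-text pin outlives the test. If dsconfig accepts a reset on that property, the last call could use `'optionsString' : '--reset key-store-pin --set enabled:false',`; otherwise the prolog should say which settings are left behind. The same applies to the key-manager calls in unconfigureTLS and unconfigureSSL_TLS in the final hunk.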
@@ -858,12 +1064,12 @@
</function-arg-description>
<function-arg-property name="type" value="string"/>
</function-arg-def>
- <function-arg-def name="keystoreType" type="required">
- <function-arg-description>
- Keystore type
- </function-arg-description>
- <function-arg-property name="type" value="string"/>
- </function-arg-def>
+ <function-arg-def name="keystoreType" type="optional" default="'JKS'">
+ <function-arg-description>
+ Keystore type : JKS or PKCS12
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
<function-arg-def name="extraParams" type="optional">
<function-arg-description>
Optional extra parameters for specific test cases
@@ -873,72 +1079,210 @@
</function-map-args>
<sequence>
- <!-- Local variables -->
- <script>
- mylocation=location
- myhost=dsInstanceHost
- myport=dsInstancePort
- mydn=dsInstanceDn
- mypswd=dsInstancePswd
- </script>
-
+
<!--- Disable StartTLS -->
<message>
'Disabling StartTLS'
</message>
-
- <call function="'modifyEntry'">
- { 'location' : mylocation ,
- 'dsInstanceHost' : myhost ,
- 'dsInstancePort' : myport ,
- 'dsInstanceDn' : mydn ,
- 'dsInstancePswd' : mypswd ,
- 'entryToBeModified' : '%s/security/%s/teardown/disable_startTLS.ldif' % (logsRemoteDataDir,keystoreType) }
- </call>
-
- <call function="'checktestRC'">
- { 'returncode' : RC ,
- 'result' : STAXResult }
- </call>
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-connection-handler-prop' ,
+ 'propertyName' : 'handler-name' ,
+ 'propertyValue' : 'LDAP Connection Handler',
+ 'optionsString' : ' --set allow-start-tls:false',
+ 'expectedRC' : 0 }
+ </call>
<!--- Disable SSL Trust Manager Provider -->
<message>
'Disabling SSL Trust Manager Provider'
</message>
- <call function="'modifyEntry'">
- { 'location' : mylocation ,
- 'dsInstanceHost' : myhost ,
- 'dsInstancePort' : myport ,
- 'dsInstanceDn' : mydn ,
- 'dsInstancePswd' : mypswd ,
- 'entryToBeModified' : '%s/security/%s/teardown/disable_trust_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }
- </call>
-
- <call function="'checktestRC'">
- { 'returncode' : RC ,
- 'result' : STAXResult }
- </call>
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-trust-manager-prop' ,
+ 'propertyName' : 'manager-name' ,
+ 'propertyValue' : 'Blind Trust',
+ 'optionsString' : '--set enabled:false' ,
+ 'expectedRC' : 0 }
+ </call>
+
<!--- Disable Key Manager Provider -->
<message>
'Disabling Key Manager Provider'
</message>
- <call function="'modifyEntry'">
- { 'location' : mylocation ,
- 'dsInstanceHost' : myhost ,
- 'dsInstancePort' : myport ,
- 'dsInstanceDn' : mydn ,
- 'dsInstancePswd' : mypswd ,
- 'entryToBeModified' : '%s/security/%s/teardown/disable_key_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }
- </call>
-
- <call function="'checktestRC'">
- { 'returncode' : RC ,
- 'result' : STAXResult }
- </call>
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-key-manager-prop' ,
+ 'propertyName' : 'manager-name' ,
+ 'propertyValue' : keystoreType,
+ 'optionsString' : '--set enabled:false',
+ 'expectedRC' : 0 }
+ </call>
+
</sequence>
</function>
+<!-- ################################################## -->
+<!-- Unconfigure SSL and TLS -->
+<!-- ################################################## -->
+
+ <function name="unconfigureSSL_TLS">
+ <function-prolog>
+ This function reverses the configuration changes for SSL and TLS
+ </function-prolog>
+ <function-map-args>
+ <function-arg-def name="location" type="optional" default="'%s' % STAF_REMOTE_HOSTNAME">
+ <function-arg-description>
+ Location of target host
+ </function-arg-description>
+ <function-arg-property name="type" value="hostname"/>
+ </function-arg-def>
+ <function-arg-def name="dsPath" type="optional" default="'%s/%s' % (DIRECTORY_INSTANCE_DIR,OPENDSNAME)">
+ <function-arg-description>
+ Pathname to installation root
+ </function-arg-description>
+ <function-arg-property name="type" value="filepath"/>
+ </function-arg-def>
+ <function-arg-def name="dsInstanceHost" type="optional">
+ <function-arg-description>
+ Directory server hostname or IP address
+ </function-arg-description>
+ <function-arg-property name="type" value="hostname"/>
+ </function-arg-def>
+ <function-arg-def name="dsInstancePort" type="optional">
+ <function-arg-description>
+ Directory server port number
+ </function-arg-description>
+ <function-arg-property name="type" value="Port number"/>
+ </function-arg-def>
+ <function-arg-def name="dsInstanceDn" type="optional">
+ <function-arg-description>
+ Bind DN
+ </function-arg-description>
+ <function-arg-property name="type" value="DN"/>
+ </function-arg-def>
+ <function-arg-def name="dsInstancePswd" type="optional">
+ <function-arg-description>
+ Bind password
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+ <function-arg-def name="keystoreType" type="optional" default="'JKS'">
+ <function-arg-description>
+ Keystore type : JKS or PKCS12
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+ <function-arg-def name="extraParams" type="optional">
+ <function-arg-description>
+ Optional extra parameters for specific test cases
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+ </function-map-args>
+ <sequence>
+
+
+
+ <!--- Disable LDAPS Connection Handler -->
+ <message>
+ 'Disabling LDAPS Connection Handler'
+ </message>
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-connection-handler-prop' ,
+ 'propertyName' : 'handler-name' ,
+ 'propertyValue' : 'LDAPS Connection Handler',
+ 'optionsString' : '--set enabled:false',
+ 'expectedRC' : 0 }
+ </call>
+
+
+ <!--- Disable StartTLS -->
+ <message>
+ 'Disabling StartTLS'
+ </message>
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-connection-handler-prop' ,
+ 'propertyName' : 'handler-name' ,
+ 'propertyValue' : 'LDAP Connection Handler',
+ 'optionsString' : ' --set allow-start-tls:false',
+ 'expectedRC' : 0 }
+ </call>
+
+ <!--- Disable SSL Trust Manager Provider -->
+ <message>
+ 'Disabling SSL Trust Manager Provider'
+ </message>
+
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-trust-manager-prop' ,
+ 'propertyName' : 'manager-name' ,
+ 'propertyValue' : 'Blind Trust',
+ 'optionsString' : '--set enabled:false' ,
+ 'expectedRC' : 0 }
+ </call>
+
+
+ <!--- Disable Key Manager Provider -->
+ <message>
+ 'Disabling Key Manager Provider'
+ </message>
+
+ <call function="'dsconfig'">
+ { 'location' : location ,
+ 'dsPath' : dsPath ,
+ 'dsInstanceHost' : dsInstanceHost ,
+ 'dsInstancePort' : dsInstancePort ,
+ 'dsInstanceDn' : dsInstanceDn ,
+ 'dsInstancePswd' : dsInstancePswd ,
+ 'subcommand' : 'set-key-manager-prop' ,
+ 'propertyName' : 'manager-name' ,
+ 'propertyValue' : keystoreType,
+ 'optionsString' : '--set enabled:false',
+ 'expectedRC' : 0 }
+ </call>
+
+ </sequence>
+ </function>
+
</stax>
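Review bot: unconfigureTLS and unconfigureSSL_TLS turn off `allow-start-tls` but leave `ssl-cert-nickname`, `trust-manager-provider-dn` and `key-manager-provider-dn` set on the LDAP Connection Handler. That handler stays enabled while the providers it points to are disabled in the following calls. Whether the server accepts or later complains about those dangling references cannot be seen from this patch, so I would at least document it in the prolog, e.g. `Disables StartTLS and the providers; the handler's provider references and certificate nickname are left in place.` unconfigureTLS also disables providers that an LDAPS handler set up by configureSSL may still be using, which is worth a sentence in its prolog as well.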
--
Gitblit v1.10.0